Privacy Policy
We are committed to protecting your privacy and ensuring the security of your personal information. This policy explains how we collect, use, store, and protect your data.
Data Protection
Your data is encrypted and protected with industry-standard security
No Data Selling
We never sell, rent, or trade your personal information
Your Control
Access, update, or delete your data anytime
Information We Collect
Personal Information
- • Name, job title, and verified contact information
- • Company, billing, and tax identifiers shared for contracts
- • Account credentials, consent preferences, and support chats
- • Tokenised payment details managed by PCI-DSS processors
Interview Data
- • Audio/video recordings, transcripts, and generated summaries
- • AI analytics, scoring benchmarks, and interviewer feedback
- • Templates, prompts, and evaluation rubrics you configure
- • Compliance artefacts and audit logs mandated by DPDP Rules
Technical Data
- • Device identifiers, browser traits, and crash diagnostics
- • Session telemetry and fair-usage indicators for security
- • Cookie and SDK signals that capture consent status
- • Regulatory communications and grievance submissions
How We Use Your Information
Service Provision
Deliver the platform under lawful consent, deemed consent, or legitimate uses recognised by the DPDP Act
AI Analysis
Produce explainable analytics, fairness checks, and benchmarking with human oversight where required
Communication
Send statutory notices, security alerts, and product communications with clear opt-out options
Security
Prevent fraud, enforce fair usage, and fulfil statutory audit, breach, and record-keeping duties
DPDP Act 2023 & Rules 2025 Compliance
Our Data Fiduciary Role
- • HyreFast is the Data Fiduciary responsible for determining lawful purposes.
- • Processing relies on consent, employment obligations, or legitimate uses permitted by the Act.
- • We avoid profiling minors and capture verified guardian consent where applicable.
Governance Controls
- • Annual Privacy Impact Assessments for AI-driven and high-risk processing.
- • Consent artefacts, notice versions, and access logs retained per Rule 14 timelines.
- • Breach notification playbooks aligned to the Data Protection Board of India guidance.
Grievance Redressal
Our Grievance Officer acknowledges complaints within 24 hours and resolves them within 15 days. You may escalate unresolved concerns to the Data Protection Board of India.
Data Storage and Security
HyreFast uses Amazon S3 for data storage and operations, leveraging AWS's ISO 27001 and ISO 27701 certified infrastructure.
Data residency controls ensure primary storage within India. Any cross-border transfer occurs only with contractual safeguards, proportionality assessments, and user notice where required.
Your Rights and Choices
Access
Request access to your personal information
Correction
Update or correct inaccurate data
Deletion
Request deletion of your information
Portability
Request a copy in portable format
Opt-out
Unsubscribe from communications
Withdraw Consent
Revoke permissions and restrict non-essential processing
Grievance Appeal
Escalate unresolved concerns to the Grievance Officer
Data Deletion Policy
Validated erasure requests are fulfilled within 30 days, unless retention is legally mandated for dispute resolution, contractual, or statutory obligations.
Questions About Your Privacy?
If you have any questions about this Privacy Policy or how we comply with India's DPDP framework, our Data Protection & Grievance Office is here to help.
Grievance Officer
Preeti Singh
preeti@hyrefast.ai
Response Time
Acknowledgement in 24h, closure within 15 days
This privacy policy adheres to the Digital Personal Data Protection Act, 2023 and DPDP Rules, 2025. We continually review our safeguards, contracts, and notices to keep your trust.